Step
2.
Specify key exchange
algorithms for SSH2.
Specifying public key algorithms for SSH2
Step
1.
Enter system view.
2.
Specify public key algorithms
for SSH2.
Specifying encryption algorithms for SSH2
Step
1.
Enter system view.
Command
•
In non-FIPS mode:
ssh2 algorithm
key-exchange
{ dh-group-exchange-sha1
| dh-group1-sha1 |
dh-group14-sha1 |
ecdh-sha2-nistp256 |
ecdh-sha2-nistp384 } *
•
In FIPS mode:
ssh2 algorithm
key-exchange
{ dh-group14-sha1 |
ecdh-sha2-nistp256 |
ecdh-sha2-nistp384 } *
Command
system-view
•
In non-FIPS mode:
ssh2 algorithm public-key
{ dsa |
ecdsa-sha2-nistp256 |
ecdsa-sha2-nistp384 | rsa |
x509v3-ecdsa-sha2-nistp2
56 |
x509v3-ecdsa-sha2-nistp3
84 } *
•
In FIPS mode:
ssh2 algorithm public-key
{ ecdsa-sha2-nistp256 |
ecdsa-sha2-nistp384 | rsa |
x509v3-ecdsa-sha2-nistp2
56 |
x509v3-ecdsa-sha2-nistp3
84 } *
Command
system-view
423
Remarks
•
In non-FIPS mode:
By default, SSH2 uses the
key exchange algorithms
ecdh-sha2-nistp256,
ecdh-sha2-nistp384,
dh-group-exchange-sha1,
dh-group14-sha1, and
dh-group1-sha1 in
descending order of priority
for algorithm negotiation.
•
In FIPS mode:
By default, SSH2 uses the
key exchange algorithms
ecdh-sha2-nistp256,
ecdh-sha2-nistp384, and
dh-group14-sha1 for
algorithm negotiation.
Remarks
N/A
•
In non-FIPS mode:
By default, SSH2 uses the
public key algorithms
x509v3-ecdsa-sha2-nistp2
56,
x509v3-ecdsa-sha2-nistp3
84, ecdsa-sha2-nistp256,
ecdsa-sha2-nistp384, rsa,
and dsa in descending order
of priority for algorithm
negotiation.
•
In FIPS mode:
By default, SSH2 uses the
public key algorithms
x509v3-ecdsa-sha2-nistp2
56,
x509v3-ecdsa-sha2-nistp3
84, ecdsa-sha2-nistp256,
ecdsa-sha2-nistp384, and
rsa in descending order of
priority for algorithm
negotiation.
Remarks
N/A